ID.AM-02—Inventories of software, services, and systems managed by the organization are maintained
>Control Description
This asset management subcategory ensures that inventories of software, services, and systems managed by the organization are maintained. Key activities include: Maintain inventories for all types of software and services, including commercial-off-the-shelf, open-source, custom applications, API services, an...; Constantly monitor all platforms, including containers and virtual machines, for software and service inventory changes; Maintain an inventory of the organization’s systems.
>Cross-Framework Mappings
NIST SP 800-53 r5
via NIST CSF 2.0 Concept CrosswalkISO 27001:2022
via NIST OLIR Catalog>Informative References
Official NIST mappings to external frameworks and standards. Source: NIST CSF 2.0
CCMv4.0
CCC-04
DCS-06
DSP-19
UEM-02
UEM-04
CIS Controls v8.0
2.1
CIS Controls v8.1
2.1
CRI Profile v2.0
ID.AM-02
ID.AM-02.01
CSF v1.1
ID.AM-2
ISO/IEC 27001:2022
Mandatory Clause: None
Annex A Controls: 5.9
NICE Framework
DD-WRL-002
DD-WRL-005
DD-WRL-009
IO-WRL-002
IO-WRL-003
IO-WRL-004
IO-WRL-005
OG-WRL-015
PCI DSS
6.3.2
12.5.1
12.8.1
6.4.3
SCF
AST-02
SP 800-171 Rev 3
03.04.10
03.16.03
SP 800-221A
MA.RI-1
SP 800-53 Rev 5.1.1
AC-20
CM-08
PM-05
SA-05
SA-09
SP 800-53 Rev 5.2.0
AC-20
CM-08
PM-05
SA-05
SA-09
SP-800-37 Rev 2
RMF Prepare Step (System Level): TASK P-10 Asset Identification
Ask AI
Configure your API key to use AI features.